CDT: a container data type library
Software—Practice & Experience
External memory algorithms
On network-aware clustering of Web clients
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Deriving traffic demands for operational IP networks: methodology and experience
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Web protocols and practice: HTTP/1.1, Networking protocols, caching, and traffic measurement
Web protocols and practice: HTTP/1.1, Networking protocols, caching, and traffic measurement
Diversity in DNS performance measures
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Traffic classification for application specific peering
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Inferring relative popularity of internet applications by actively querying DNS caches
Proceedings of the 3rd ACM SIGCOMM conference on Internet measurement
Availability, usage, and deployment characteristics of the domain name system
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Maintaining Strong Cache Consistency for the Domain Name System
IEEE Transactions on Knowledge and Data Engineering
Exploiting dynamicity in graph-based traffic analysis: techniques and applications
Proceedings of the 5th international conference on Emerging networking experiments and technologies
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.00 |
The increasing deployment of overlay networks that rely on DNS tricks has led to added interest in examining DNS traffic. In this paper we report on a characterization of DNS traffic gathered over a period of several weeks at Internet Gateway Routers (IGRs) in the AT&T Common Backbone. The characterization is carried out using several novel techniques to identify clients, local DNS servers, and authoritative DNS servers. Our techniques include passive and active measurements, graph-based analysis, examination of outliers, and explicit checks against data obtained from several external sources. Our contribution is the reduction of a very large data set (over 1 terabyte of raw data) into a significantly smaller representation that is ideally suited for answering protocol-specific semantic queries quickly. After categorizing the addresses, we use the network aware clustering technique to group local DNS servers. By juxtaposing the DNS server clusters with clusters formed by Web clients obtained from a large portal Web site, we determine the distribution of identified DNS servers in busy clusters. A variety of applications are examined, ranging from identifying suspected zombies to helping Content Distribution Networks in mapping location of DNS servers.